Q23A cloud implementation engineer successfully created a new VM. However, the engineer notices the new VM is not accessible from another network. A ping test works from another VM on the same subnet. Which of the following is the MOST likely problem?

Q24A customer wants a cloud systems administrator to adjust the backup schedule after month-end to ensure the data can be restored as fast as possible while minimizing the time needed to perform the backup. Which of the following backup types should be scheduled?

A. Synthetic fullB. IncrementalC. DifferentialD. Full

Answer: A

Q25cloud administrator uses a script to automatically restart all the servers running in the public cloud provider environment, which hosts e-commerce applications. The administrator decides to implement the same script for a similar environment that hosts the finance applications. After verifying the script is deployed to the public cloud environment for finance, the administrator schedules a job to run at 9:00 a.m. After 9:00 a.m., the administrator receives a report from the e- commerce team that the application is experiencing outages. Which of the following should the administrator do to resolve the issue?

A. Update the version of the CLI tool for the public cloud provider.B. Copy the script up to a bastion host in the environment and run it from there.C. Validate the access credentials for the cloud provider are correct.D. Debug the script and modify it to remove the flawed logic.

Answer: C

Q26A critical new security update has been released to fix an identified zero-day vulnerability with the SSH server process. Due to its severity, all development and staging servers must have this update applied immediately. Which of the following is the FASTEST way for the administrator to apply the patch and ensure all systems are configured consistently?

A. Shut down all servers and use the server provisioning tools to deploy new ones that have the latest patch applied.B. Create a master inventory list of servers that must be patched. Log in to each server and deploy the patch, making sure to check off each server on the list.C. Use the existing tooling to clone the existing servers. Update each clone with the latest patch and shut down the original system.D. Update the set of configuration management scripts to include the latest patch. Execute these scripts against a master inventory of servers.

Answer: D

Q27A company wants to take advantage of cloud benefits while retaining control of and maintaining compliance with all its security policy obligations. Based on the non-functional requirements, which of the following should the company use?

A. Hybrid cloud, as use is restricted to trusted customersB. IaaS, as the cloud provider has a minimal level of security responsibilityC. PaaS, as the cloud customer has the most security responsibilityD. SaaS, as the cloud provider has less security responsibility

Answer: B

Q28An administrator is deploying a new application platform with the following resource utilization:

Company policy requires that no resource utilization surpasses 80%. Which of the following resources will need to be upgraded prior to deployment?

A. DiskB. IOPSC. CPUD. NetworkE. RAM

Answer: A

Q29Several suspicious emails are being reported from end users. Organizational email is hosted by a SaaS provider. Upon investigation, the URL in the email links to a phishing site where users are prompted to enter their domain credentials to reset their passwords. Which of the following should the cloud administrator do to protect potential account compromise?

A. Forward the email to the systems team distribution list and provide the compromised user list.B. Click on the URL link to verify the website and enter false domain credentials.C. Change the encryption key for the entire organization and lock out all users from using email until the issue is remediated.D. Notify users who received the email to reset their passwords regardless of whether they click on the URL.

Answer: C

Q30Which of the following is the BEST way to ensure accounts in a cloud environment are disabled as soon as they no longer need to be active?

A. Have the user contact the cloud systems administrator to disable the account when it is no longer needed.B. When users leave the company, ensure an account disablement request is initiated and will be fulfilled in less than four hours.C. Have accounts checked by the cloud systems administrator once per day to ensure active accounts are still valid.D. Reboot directory services servers once a day to ensure all account disablement requests are committed.

Answer: A

Q31A cloud administrator has deployed a new all-flash storage array with deduplication and compression enabled, and moved some of the VMs into it. The goal was to achieve 4:1 storage efficiency while maintaining sub-millisecond latency. Which of the following results would BEST suit the requirements?

Q32A newly established CSP allows for drive shipping to upload new data into the environment. Sensitive data on 40TB of storage needs to be transferred within one week. Which of the following is the MOST efficient and secure method for shipment of the data to the CSP with minimal downtime?

A. Create a VPN between the sites and schedule data transfer during non-business hours.B. Copy the data to encrypted drives and use the CSP-certified shipping provider.C. Compress and SFTP the data to the CSP.D. Move the data to encrypted drives and use the CSP-certified shipping provider.

Answer: D

Q33A manufacturing company’s current security policy mandates PII is not stored in the SaaS solution. Which of the following configuration controls should be used to block sensitive information from being stored in the SaaS solution?